Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

SBS2008 Outlook continually prompting for username/pw after email domain change

Posted on 2012-09-07
12
Medium Priority
?
695 Views
Last Modified: 2012-10-07
I think i made a boo boo.

I have a small office with an SBS2008 box and six or so users, running Outlook (2007 or 2010).

Recently they wanted to change their primary email domain name from the one set up with SBS.  

So, I ran the Set up your Internet Address wizard again, and put in the new domain.

This changed everything in exchange, so their primary emails were now correct.  I also added in the original email via the Exchange Management Console so they could receive email on that address too.

Anyway email delivery has no problem.   However, all Outlook clients are constantly getting a popup for their username and password.  If they put inthe details it goes away for 10 mins or so, then appears again.  Email still flows even if they cancel the box, it seems an annoyance more than anything but its REALLY annoying.

Anyway, to resolve it I've tried many things including running the certificate wizard again (they have a self signed cert) and confirming the certificate has the new domain in it, i've manually forced the install of the new certifiacte via internet explorer on all the clients, I've installed Exchange 2007 SP2, I've deleted and re-created the exchange account in outlook, i've turned off Exchange over HTTP on all local office clients outlook.

Where else should i be looking?

cheers
nathan
0
Comment
Question by:natrat22
  • 5
  • 4
  • 2
  • +1
12 Comments
 
LVL 2

Expert Comment

by:KodeKyk
ID: 38375373
Could it be a DNS problem?

Try this on a client:
1) Close Outlook
2) In a CMD-box type:
 ipconfig /flushdns
3) Reopen Outlook
0
 
LVL 8

Expert Comment

by:tonyperth
ID: 38375419
It could be cached credentials.

Close all apps
Open Control Panel
Open User Accounts
Open Credential Manager
Delete any credentials that refer to your server
Reboot
0
 
LVL 8

Expert Comment

by:tonyperth
ID: 38375424
Did you use the SBS2008 wrapper tool to install SP2 on exchange?
0
What does it mean to be "Always On"?

Is your cloud always on? With an Always On cloud you won't have to worry about downtime for maintenance or software application code updates, ensuring that your bottom line isn't affected.

 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38378454
Start by installing Exchange 2007 SP3 on to the server, then the latest rollup. That will correct a lot of issues.
The self signed certificate is probably the cause of the problems. Outlook cannot cope with a self signed certificate and its prompts. Switching to a signed certificate is the best way to deal with it.

http://exchange.sembee.info/2007/install/sbs2008ssl.asp

Simon.
0
 
LVL 1

Author Comment

by:natrat22
ID: 38378638
Thanks for the comments.  I did use the SBS2008 wrapper tool to install SP2.  I also think the issue is only actually happening on all the Outlook 2007  clients, not 2010.

I will check cached credentials and install Exchange SP3.  Is there a similar wrapper tool required to install Exchange SP3 on SBS2008?

If none of that works I'll purchase a signed certificate.

will report back.

thanks
nathan
0
 
LVL 1

Author Comment

by:natrat22
ID: 38378642
Hmm i may have found a possibly related issue.  There seems to be a two year old expired certificate being found by autodiscover.customersdomain.com.au issued by "plesk".  This a bit weird as my client only bought the new domain a couple of months back.  Presumably somebody else may have had it inthe past but how would it be finding an old certificate?  So it seems that maybe buying a new certificate and/or updating/removing autodiscover records from current DNS may help?

(have also found the instructions for SP3 install and seen no wrapper tool required)
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38379111
The certificate has nothing to do with the domain age.
I expect that autodiscover.example.com will resolve to an external hosting company. That hosting company will have Plesk installed to manage their web hosting - Plesk is a control panel.

You need to ensure that autodiscover.example.com resolves to the SBS server's external IP address, and if you are going to use Outlook Anywhere, ActiveSync etc that you have a commercial signed certificate that includes autodiscover.

http://exchange.sembee.info/2007/install/sbs2008ssl.asp

Simon.
0
 
LVL 1

Author Comment

by:natrat22
ID: 38380627
Exchange 2007 SP3 didnt help.

what i have now noticed though is this:

I've unticked Connect to Microsoft Exchange Using HTTP in the exchange account settings in Outlook as I'm pretty sure its a certificate related issue todo with that.

however once the outlook authentication popup appears, if you enter the username and password, that setting immediately becomes ticked again.

I guess installing a proper 3rd party certificate would fix this also?  Is there any other way?
0
 
LVL 1

Author Comment

by:natrat22
ID: 38380636
Following this post here seems to have fixed the issue:

http://ilantz.com/2009/06/18/prevent-outlook-anywhere-aka-rpc-over-http-from-being-automaticly-configured-in-exchange-2007-with-autodiscover/

But i expect using a proper certificate would also.  Ill monitor it over the next day and see.
0
 
LVL 63

Expert Comment

by:Simon Butler (Sembee)
ID: 38380814
The reason it gets enabled again is because autodiscover is correcting your configuration, which is what it is designed to do.
Furthermore, those settings shouldn't be used - the way that Outlook Anywhere (Exchange over HTTPS) works is that it only kicks in if a connection via TCP/IP cannot be made. Disabling the feature in Outlook doesn't really resolve the underlying problem, it just deals with the symptoms.

Simon.
0
 
LVL 1

Author Comment

by:natrat22
ID: 38381608
It didnt actually fix it anyway, some Outlook clients still getting the popup username pw prompts.  I guess trying a third party certificate is the next step?

I still dont understand why it all worked perfectly with the original setup and the self signed cert but i can't get rid of the prompts since changing their email domain on SBS.  There must be somewhere on the server that needs something else changed manually.
0
 
LVL 63

Accepted Solution

by:
Simon Butler (Sembee) earned 2000 total points
ID: 38382465
The reason it probably doesn't work is due to the way that SBS implements the self signed certiifcate. If I recall correctly it will install it on to the workstation as part of the add computer process. Of course the certiifcate has now changed so you get the issues. A commercial certificate is the best course of action anyway.

Simon.
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange sat down with resident SQL expert, Jim Horn, for an in-depth look into the makings of a successful career in SQL.
Today as you open your Outlook, you witness an error message: “Outlook is using an old copy of your Outlook Data File…”. Probably, Outlook is accessing an old OST file.
This video shows how to quickly and easily deploy an email signature for all users in Office 365 and prevent it from being added to replies and forwards. (the resulting signature is applied on the server level in Exchange Online) The email signat…
Exchange organizations may use the Journaling Agent of the Transport Service to archive messages going through Exchange. However, if the Transport Service is integrated with some email content management application (such as an antispam), the admini…
Suggested Courses
Course of the Month20 days, 16 hours left to enroll

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question